Free Malware Removal Forum

Welcome to MalwareRemoval.com,What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

You say that you can connect the laptop to the internet at home. Presumably, this means that you can now download any programs and updates. Please let me know. If you can connect the laptop to the internet at home, it is unlikely that your connectivity problem at the office is malware-related. I suggest that you get someone to come into the office to sort this out.

Safe Mode:

First, let's stop it rebooting automatically after the BSOD. Click on Start, right-click on My Computer, click on Properties and then the Advanced tab. Click on the Settings button in the Startup and Recovery section. Untick Automatically restart in the System failure section. Click OK then OK again. Now, if you get the BSOD, you will be able to note the error.

I notice that, according to your second HijackThis log, you have Nero InCD running on the computer. There is a known problem, with an old version of this program, that prevents booting into Safe Mode. Please uninstall this program using Control Panel -> Add or Remove Programs. Reboot your computer normally, and then try to reboot into Safe Mode.

NOTE: CCleaner installs the Yahoo Toolbar as an option which is checkmarked by default during the installation. If you do NOT want it, REMOVE the checkmark when provided with the option.

Double click on the file to start the installation of the program.

Select your language and click OK, then next.

Read the license agreement and click I Agree.

Click next to use the default install location. Click Install then finish to complete installation.

Double click the CCleaner shortcut on the desktop to start the program.

On the Windows tab, under Internet Explorer, uncheck Cookies if you do not want them deleted. (If deleted, you will likely need to re-enter your passwords at all sites where a cookie is used to recognize you when you visit).

If you use either the Firefox or Mozilla browsers, the box to uncheck for Cookies is on the Applications tab, under Firefox/Mozilla.

Hi. It looks as if we are getting there. However, you ran the SmitfraudFix #2 in Normal Mode. To be safe, I would like you to run the Search function again.

Open the SmitfraudFix folder and double-click smitfraudfix.cmdSelect option #1 - Search by typing 1 and press 'Enter'; a text file will appear, which lists infected files (if present).
Please copy/paste the content of that report into your next reply.

Run HijackThis and click Scan and then check (tick) the following, if present (don't worry if any are missing):

Close down all programs, browsers and other open windows. Make sure that only the above items are checked and then click on Fix checked.

Update Java Runtime:

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, and also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 5.0 Update 9.

As I said in a previous post, your connectivity problem at the office does not appear to be malware-related. I suggest that you get someone to come into the office to sort this out.

This is my standard 'speech' once someone's computer is clean. Forgive me if you already do some, or all, of the following.

Now that you are clean, please follow these simple steps in order to keep your computer clean and secure:

Disable and Enable System Restore - You should disable and then re-enable system restore to make sure there are no infected files found in a restore point. You can find instructions on how to enable and re-enable system restore here: Windows XP System Restore Guide

Make your Internet Explorer more secure - This can be done by following these simple instructions:

From within Internet Explorer click on the Tools menu and then click on Internet Options.

Click once on the Security tab

Click once on the Internet icon so it becomes highlighted.

Click once on the Custom Level button.

Change the Download signed ActiveX controls to 'Prompt'

Change the Download unsigned ActiveX controls to 'Disable'

Change the Initialise and script ActiveX controls not marked as safe to 'Disable'

Change the Installation of desktop items to 'Prompt'

Change the Launching programs and files in an IFRAME to 'Prompt'

Change the Navigate sub-frames across different domains to 'Prompt'

When all these settings have been made, click on the OK button.

If it prompts you as to whether or not you want to save the settings, press the Yes button.

Next press the OK button to exit the Internet Properties page.

Use an Anti-Virus Software - It is very important that you have an anti-virus program running on your computer. This alone can save you a lot of trouble with malware in the future. See this link for a list of some online and stand-alone anti-virus programs: Computer Safety On line - Anti-Virus

Update your Anti-Virus Software - It is imperative that you update your anti-virus software at least once a week (even more if you can). If you do not update your anti virus software then it will not be able to catch any of the new variants that may come out.

Use a Firewall - I cannot stress how important it is that you use a firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a firewall in its default configuration can greatly lower your risk. For an article on firewalls, and a list of some available ones, see this link: Computer Safety Online - Software Firewalls

Visit Microsoft's Windows Update Site Frequently - It is important that you visit Windows Update regularly. This will ensure you always have the latest security updates installed on your computer. If there are new updates to install, install them immediately, reboot your computer and revisit the site until there are no more critical updates.

If they are not already present, I would recommend that you download and install some, or all, of the following programs (all free):

Spybot - Search and Destroy - Install and download Spybot - Search and Destroy with its TeaTimer option. This will provide real-time spyware and hijacker protection on your computer, alongside your virus protection. You should also scan your computer with the program on a regular basis just as you would an anti virus software. A tutorial on installing & using this product can be found here: Instructions for Spybot S&D and Ad-Aware

Ad-Aware SE Personal - Install and download Ad-Aware SE Personal. You should also scan your computer with the program on a regular basis just as you would an anti-virus software in conjunction with Spybot. A tutorial on installing & using this product can be found here: Instructions for Spybot S&D and Ad-Aware

SpywareBlaster - SpywareBlaster will add a large list of programs and websites into your Internet Explorer and/or Firefox browser settings that will protect you from running and downloading known malicious programs. A article on anti-malware products with links for this program and others can be found here: Computer Safety on line - Anti-Malware

Update all of these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected will reduce dramatically.

Please reply to confirm that you have read this post, so that we can close this thread.

Please do not contact us if you are not the topic starter. A valid, working link to the closed topic is required along with the user name used. If the user name does not match the one in the thread linked, the email will be deleted.

Who is online

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.